Table Of Content®
:
COBIT 5
Process Reference Guide
Exposure Draft
COBIT 5: Process Reference Guide Exposure Draft
®
ISACA
With 95,000 constituents in 160 countries, ISACA (www.isaca.org) is a leading global provider of
knowledge, certifications, community, advocacy and education on information systems (IS)
assurance and security, enterprise governance and management of IT, and IT‐related risk and
compliance. Founded in 1969, the non‐profit, independent ISACA hosts international
conferences, publishes the ISACA® Journal, and develops international IS auditing and control
standards, which help its constituents ensure trust in, and value from, information systems. It also
advances and attests IT skills and knowledge through the globally respected Certified Information
Systems Auditor® (CISA®), Certified Information Security Manager® (CISM®), Certified in the
Governance of Enterprise IT® (CGEIT®) and Certified in Risk and Information Systems Control™
(CRISC™) designations. ISACA continually updates COBIT®, which helps IT professionals and
enterprise leaders fulfil their IT governance and management responsibilities, particularly in the
areas of assurance, security, risk and control, and deliver value to the business.
Disclaimer
®
ISACA has designed this publication, COBIT 5: Process Reference Guide Exposure Draft (the ‘Work’),
primarily as an educational resource for control professionals. ISACA makes no claim that use of any
of the Work will assure a successful outcome. The Work should not be considered inclusive of all
proper information, procedures and tests or exclusive of other information, procedures and tests
that are reasonably directed to obtaining the same results. In determining the propriety of any
specific information, procedure or test, readers should apply their own professional judgement to
the specific control circumstances presented by the particular systems or information technology
environment.
Reservation of Rights
© 2011 ISACA. All rights reserved. No part of this publication may be used, copied, reproduced,
modified, distributed, displayed, stored in a retrieval system or transmitted in any form by any
means (electronic, mechanical, photocopying, recording or otherwise) without the prior written
authorisation of ISACA. Reproduction and use of all or portions of this publication are permitted
solely for academic, internal and non‐commercial use and for consulting/advisory engagements and
must include full attribution of the material’s source. No other right or permission is granted with
respect to this work.
ISACA
3701 Algonquin Road, Suite 1010
Rolling Meadows, IL 60008 USA
Phone: +1.847.253.1545
Fax: +1.847.253.1443
E‐mail:
COBIT 5: Process Reference Guide Exposure Draft
Acknowledgements
ISACA wishes to recognise:
COBIT 5 Task Force (2009‐2011)
John W. Lainhart, IV, CISA, CISM, CGEIT, IBM Global Consulting Services, USA, Co‐chair
Derek J. Oliver, Ph.D., DBA, CISA, CISM, CITP, FBCS, FISM, MInstISP, Ravenswood Consultants Ltd, UK, Co‐chair
Pippa G. Andrews, CISA, ACA, CIA, KPMG, Australia
Elisabeth Antonsson, CISM, BSc, BA, Nordea Bank, Sweden
Steven A. Babb, CGEIT, KPMG, UK
Steven De Haes, Ph.D., University of Antwerp Management School, Belgium
Peter Harrison, CGEIT, FCPA, IBM Australia Ltd., Australia
Jimmy Heschl, CISA, CISM, CGEIT, ITIL Expert, BWIN, Austria
Robert D. Johnson, CISA, CISM, CGEIT, ING US Financial Services, USA
Erik Pols, CISA, CISM, Shell International‐ITCI, Netherlands
Vernon Poole, CISM, CGEIT, Sapphire, UK
Abdul Rafeq, CISA, CGEIT, CIA, FCA, A. Rafeq and Associates, India
Development Team
Floris Ampe, CISA, CGEIT, CIA, ISO27000, PricewaterhouseCoopers, Belgium
Gert du Preez, CGEIT, PricewaterhouseCoopers, Belgium
Stefanie Grijp, PricewaterhouseCoopers, Belgium
Gary Hardy, CGEIT, IT Winners, South Africa
Bart Peeters, PricewaterhouseCoopers, Belgium
Dirk Steuperaert, CISA, CGEIT, IT In Balance BVBA, Belgium
Workshop Participants
Gary Baker, CA, Canada
Brian Barnier, USA
Johannes Hendrik Botha, MBCS‐CITP, FSM, getITright Skills Development, South Africa
Ken Buechler, PMP, Great West Life, Canada
Don Caniglia, FLMI, USA
Mark Chaplin, UK
Roger Debreceny, Ph.D., CGEIT, FCPA, University of Hawaii—Manoa, USA
Mike Donahue, CISA, CISM, CGEIT, CFE, CGFM, CICA, Towson University, USA
Urs Fischer, CISA, CRISC, CIA, CPA (Swiss), Switzerland
Bob Frelinger, CISA, CGEIT, Oracle Corporation, USA
James Golden, CISM, CGEIT, CISSP, IBM, USA
Meenu Gupta, CISA, CISM, CBP, CISSP, CIPP, Mittal Technologies, USA
Gary Langham, CISSP, CPFA, Australia
Nicole Lanza, CGEIT, IBM, USA
Philip Mark Le Grand, Prince 2, Datum International Plc, UK
Debra Malette, CISA, CGEIT, CSSBB, Kaiser Permanente IT, USA
Stuart MacGregor, Real IM Solutions (Pty) Ltd., South Africa
Christian Nissen, CISM, CGEIT, FSM, CFN People, Denmark
Jamie Pasfield, ITIL v3, PRINCE2, Pfizer, UK
Eddy Schuermans, Esras, Belgium
Michael Semrau, RWE Germany, Germany
Max Shanahan, FCPA, Max Shanahan & Associates, Australia
Alan Simmonds, TOGAF9, UK
Cathie Skoog, CISM, CGEIT, CRISC, IBM, USA
Dejan Slokar, CISA, CGEIT, CISSP, Deloitte LLP, Canada
Roger Southgate, UK
Nicky Tiesenga, CISA, CISM, CGEIT, IBM, USA
ii | P a g e © A l l r i g h t s r e s e r v e d .
COBIT 5: Process Reference Guide Exposure Draft
Wim Van Grembergen, Ph.D., University of Antwerp Mgmt School, Belgium
Greet Volders, CGEIT, Voquals N.V., Belgium
Christopher Wilken, CISA, CGEIT, PricewaterhouseCoopers LLP, USA
Tim M. Wright, GSEC, QSA, CBCI, Kingston Smith Consulting LLP, UK
Expert Reviewers
Mark Adler, CISA, CISM, CGEIT, Commercial Metals Company, USA
Wole Akpose, CGEIT, Morgan State University, USA
Krzysztof Bączkiewicz, CSAM, CSOX, Eracent, Poland
Roland Bah, MTN Cameroon, Cameroon
Dave Barnett, CISSP, CSSLP, USA
Max Herman Blecher, CGEIT, Virtual Allegiance, South Africa
Johannes Hendrik Botha, MBCS‐CITP, FSM, getITright Skills Development, South Africa
Ricardo Bria, CISA, CGEIT, Meycor GRC, Argentina
Dirk Bruyndonckx, CISA, CISM, CGEIT, CRISC, MCA, KPMG Advisory, Belgium
Ken Buechler, PMP, Great West Life, Canada
Donna Cardall, UK
Debra Chiplin, Investors Group, Canada
Sara Cosentino, CA, Great West Life, Canada
Philip B. de Picker, CISA, MCA, National Bank of Belgium, Belgium
Abe Deleon, CISA, IBM, USA
Stephen Doyle, Medicare Australia, Australia
Heidi L. Erchinger, CISA, CRISC, CISSP, System Security Solutions Inc., USA
Rafael Fabius, CISA, CRISC, Uruguay
Bob Frelinger, CISA, CGEIT, Oracle Corporation, USA
Yalcin Gerek, CISA, CGEIT, ITIL Expert, Turkey
Edson Gin, CISA, CIPP, CFE, SSCP, USA
James Golden, CISM, CGEIT, CISSP, IBM, USA
Marcelo Gonzalez, Banco Central Republic Argentina, Argentina
Erik Guldentops, University of Antwerp Management School, Belgium
Meenu Gupta, CISA, CISM, CBP, CISSP, CIPP, Mittal Technologies, USA
Angelica Haverblad, CGEIT, Verizon Sweden AB, Sweden
Kim Haverblad, CISM, PCI QSA, Verizon Sweden AB, Sweden
J. Winston Hayden, CISA, CISM, CGEIT, ITGS Consultants, South Africa
Eduardo Hernandez, Triara, Mexico
Jorge Hidalgo, CISA, CISM, CGEIT, Argentina
Michelle Hoben, Media 24, South Africa
Linda Horosko, Great West Life, Canada
Mike Hughes, CISA, CGEIT, CRISC, 123 Consultants, UK
Grant Irvine, Great West Life, Canada
Monica Jain, CGEIT, CSQA, CSSBB, Southern California Edison, USA
John Jasinski, SSBB, ITIL Service Manager, USA
Masatoshi Kajimoto, CISA, CRISC, Japan
Kamal Khan, CISA, CISSP, CITP, Saudi Aramco, Saudi Arabia
Eddy Khoo, KPMG Business Advisory, Malaysia
Marty King, CISA, CGEIT, CPA, Blue Cross Blue Shield NC, USA
Alan S. Koch, ITIL, ASK Process Inc., USA
Jason Lannen, CISA, CISM, TurnKey IT Solutions LLC, USA
Nicole Lanza, CGEIT, IBM, USA
Philip Mark Le Grand, Prince 2, Datum International Plc, UK
Kenny Lee, CISSP, Bank of America, USA
iii | P a g e © A l l r i g h t s r e s e r v e d .
COBIT 5: Process Reference Guide Exposure Draft
Brian Lind, CISA, CISM, Topdanmark Forsikring A/S, Denmark
Bjarne Lonberg, A.P. Moller ‐ Maersk, Denmark
Stuart MacGregor, Real IM Solutions (Pty) Ltd., South Africa
Charles Mansour, CISA, Charles Mansour Audit & Risk Service, UK
Cindy Marcello, CPA, FLMI, Great West Life, Canada
Nancy McCuaig, CISSP, Great West Life, Canada
John A. Mitchell, CFE, FBCS, UK
Makoto Miyazaki, CISA, CPA, The Bank of Tokyo‐Mitsubishi, UF, Ltd., Japan
Lucio Molina, ITIL, Colombia
Christian Nissen, CISM, CGEIT, FSM, CFN People, Denmark
Tony Noblett, CISA, CISM, CGEIT, CISSP, USA
Ernest Pages, CISA, CGEIT, MCSE, eGov Consulting Services LLC, USA
Jamie Pasfield, ITIL v3, PRINCE2, Pfizer, UK
Thomas Patterson, CISA, CGEIT, CRISC, CPA, IBM, USA
Robert Payne, CGEIT, MBL, MCSSA, PrM, Lode Star Strategy Consulting, South Africa
Andre Pitkowski, CGEIT, CRISC, OCTAVE, ISO27000LA, ISO31000LA, APIT Consultoria de Informatica Ltd.,
Brazil
Geert Poels, Ghent University, Belgium
Dirk Reimers, Hewlett‐Packard, Germany
Robert Riley, CISSP, University of Notre Dame, USA
Martin Rosenberg, Ph.D, Cloud Governance Ltd., UK
Claus Rosenquist, CISA, CISSP, Nets, Denmark
J Roth, CISA, CGEIT, CISSP, L‐3 Communications, USA
Cheryl Santor, CISSP, CNA, CNE, Metropolitan Water District, USA
Eddy Schuermans, Esras, Belgium
Michael Semrau, RWE Germany, Germany
Max Shanahan, FCPA, Max Shanahan & Associates, Australia
Alan Simmonds, TOGAF9, UK
Jennifer Smith, CISA, CIA, Salt River Pima Maricopa Indian Community, USA
Marcel Sorouni, CISA, CISM, CISSP, CCNA, Bupa Australia, Australia
Mark Stacey, FCA, Sara Lee Corporation, Spain
Karen Stafford‐Gustin, MLIS, Great West Life, Canada
Delton Sylvester, Silver Star IT Governance Consulting, South Africa
Katalin Szenes, CISA, CISM, CGEIT, CISSP, University Obuda, Hungary
Halina Tabacek, CGEIT, Oracle Americas, USA
Nancy Thompson, CISA, CISM, CGET, IBM, USA
Kazuhiro Uehara, CISA, CGEIT, Hitachi Consulting Co. Ltd., Japan
Johan van Grieken, Deloitte, Belgium
Flip van Schalkwyk, Provincial Government Western Cape, South Africa
Andre Viviers, MCSE, IT Project+, Media 24, South Africa
Greet Volders, CGEIT, Voquals N.V., Belgium
David Williams, CISA, Westpac, New Zealand
Tim M. Wright, GSEC, QSA, CBCI, Kingston Smith Consulting LLP, UK
Amanda Xu, PMP, Southern California Edison, USA
Tichaona Zororo, CISA, CISM, CGEIT, Standard Bank, South Africa
ISACA Board of Directors
Emil D’Angelo, CISA, CISM, Bank of Tokyo Mitsubishi UFJ Ltd., USA, International President
Christos K. Dimitriadis, Ph.D., CISA, CISM, INTRALOT S.A, Greece, Vice President
Ria Lucas, CISA, CGEIT, Telstra Corp. Ltd., Australia, Vice President
Hitoshi Ota, CISA, CISM, CGEIT, CRISC, CIA, GSEC (GIAC), Mizuho Corporate Bank Ltd., Japan, Vice President
Jose Angel Pena Ibarra, CGEIT, CA Technologies, USA, Vice President
iv | P a g e © A l l r i g h t s r e s e r v e d .
COBIT 5: Process Reference Guide Exposure Draft
Robert E. Stroud, CGEIT, CA Technologies, USA, Vice President
Kenneth L. Vander Wal, CISA, CPA, Ernst & Young (retired), USA, Vice President
Rolf M. von Roessing, CISA, CISM, CGEIT, Forfa AG, Germany, Vice President
Lynn C. Lawton, CISA, FBCS CITP, FCA, FIIA, KPMG Ltd., Russian Federation, Past International President
Everett C. Johnson Jr., CPA, Deloitte & Touche (retired), USA, Past International President
Gregory T. Grocholski, CISA, The Dow Chemical Co., USA, Director
Tony Hayes, CGEIT, AFCHSE, CHE, FACS, FCPA, FIIA, Queensland Government, Australia, Director
Howard Nicholson, CISA, CGEIT, CRISC, City of Salisbury, Australia, Director
Jeff Spivey, CRISC, CPP, PSP, Security Risk Management, USA, ITGI Trustee
Framework Committee
Patrick Stachtchenko, CISA, CGEIT, Stachtchenko & Associates SAS, France, Chair
Steven A. Babb, CGEIT, KPMG, UK
Sushil Chatterji, CGEIT, Edutech Enterprises, Singapore
Sergio Fleginsky, CISA, Akzonobel, Uruguay
John W. Lainhart, IV, CISA, CISM, CGEIT, IBM Global Business Services, USA
Mario C. Micallef, CGEIT, CPAA, FIA, Ganado $ Associates, Malta
Derek J. Oliver, Ph.D., DBA, CISA, CISM, CITP, FBCS, FISM, MInstISP, Ravenswood Consulting Ltd., UK
Robert G. Parker, CISA, CA, CMA, FCA, Canada
Jo Stewart‐Rattray, CISA, CISM, CGEIT, CSEPS, RSM Bird Cameron, Australia
Robert E. Stroud, CGEIT, CA Technologies, USA
Rolf M. von Roessing, CISA, CISM, CGEIT, Forfa AG, Germany
Special Recognition
ISACA Los Angeles Chapter for its financial support
ISACA and IT Governance Institute® (ITGI®) Affiliates and Sponsors
American Institute of Certified Public Accountants
ASIS International
The Center for Internet Security
Commonwealth Association for Corporate Governance Inc.
FIDA Inform
Information Security Forum
Institute of Management Accountants Inc.
ISACA Chapters
ITGI Japan
Norwich University
Solvay Brussels School of Economics and Management
University of Antwerp Management School
ASI System Integration
Hewlett‐Packard
IBM
SOAProjects Inc.
Symantec Corp.
TruArx Inc.
v | P a g e © A l l r i g h t s r e s e r v e d .
COBIT 5: Process Reference Guide Exposure Draft
Table of Contents
1. INTRODUCTION ........................................................................................................................................ 2
2. THE GOALS CASCADE AND METRICS FOR ENTERPRISE GOALS AND IT‐RELATED GOALS .............................. 3
COBIT 5 GOALS CASCADE ........................................................................................................................................ 3
Step 1. Stakeholder Needs to Governance Objectives ................................................................................... 4
Step 2. Governance Objectives to Enterprise Goals ....................................................................................... 4
Step 3. Enterprise Goals to IT‐related Goals ................................................................................................... 5
Step 4. IT‐related Goals to Process Goals ....................................................................................................... 5
USING THE COBIT 5 GOALS CASCADE ......................................................................................................................... 5
Benefits of the COBIT 5 Goals Cascade ........................................................................................................... 5
Using the COBIT 5 Goals Cascade Carefully .................................................................................................... 6
Using the COBIT 5 Goals Cascade ................................................................................................................... 6
Metrics ............................................................................................................................................................ 6
ENTERPRISE GOAL METRICS ....................................................................................................................................... 6
IT‐RELATED GOAL METRICS ....................................................................................................................................... 8
3. THE COBIT 5 PROCESS MODEL ................................................................................................................ 10
4. THE COBIT 5 PROCESS REFERENCE MODEL .............................................................................................. 13
Governance and Management Processes .................................................................................................... 13
A Process Reference Model .......................................................................................................................... 13
5. COBIT 5 PROCESS REFERENCE GUIDE ...................................................................................................... 16
APPENDIX A. MAPPING BETWEEN COBIT 5 AND LEGACY ISACA FRAMEWORKS ......................................... 205
APPENDIX B. DETAILED MAPPING ENTERPRISE GOALS—IT‐RELATED GOALS ............................................. 214
APPENDIX C. DETAILED MAPPING IT RELATED GOALS—IT‐RELATED PROCESSES ........................................ 216
Table of Figures
Figure 1—COBIT 5 Product Architecture Overview ................................................................................................ 2
Figure 2—COBIT 5 Goals Cascade Overview........................................................................................................... 3
Figure 3—Enterprise Goals Mapped to Governance Objectives ............................................................................ 4
Figure 4—IT‐related Goals ...................................................................................................................................... 5
Figure 5—Enterprise Goal Sample Metrics ............................................................................................................. 7
Figure 6—IT‐related Goal Sample Metrics.............................................................................................................. 8
Figure 7—COBIT 5 Process Model ........................................................................................................................ 10
Figure 8—COBIT 5 Governance and Management Processes .............................................................................. 13
Figure 9—COBIT 5 Illustrative Governance and Management Processes ............................................................ 15
Figure 10—ISACA Frameworks Included in COBIT 5 ........................................................................................... 205
Figure 11—COBIT 4.1 Control Objectives Mapped to COBIT 5 ........................................................................... 205
Figure 12—Val IT 2.0 Key Management Practices Covered by COBIT 5 ............................................................. 211
Figure 13—Risk IT Key Management Practices Covered by COBIT 5 .................................................................. 213
Figure 14—Mapping COBIT 5 Enterprise Goals to IT‐related Goals ................................................................... 215
Figure 15—Mapping COBIT 5 IT‐related Goals to COBIT 5 Processes ................................................................ 217
1 | P a g e © A l l r i g h t s r e s e r v e d .
COBIT 5: Process Reference Guide Exposure Draft
1. Introduction
COBIT 5: Process Reference Guide complements COBIT 5: Framework (figure 1). This publication
contains a detailed reference guide to the processes that are defined in the COBIT 5 process
reference model.
Figure 1—COBIT 5 Product Architecture Overview
This publication is structured as follows:
• In section 2, the COBIT 5 goals cascade—also explained in the COBIT 5: Framework
publication—is briefly recapitulated and complemented with a set of example metrics for the
enterprise goals and the IT‐related goals.
• In section 3, the COBIT 5 process model is explained and its components defined. This section
explains which information is included in the detailed process information section. Based on the
COBIT 5 process model, the COBIT 5 framework also includes a number (36) of governance and
management processes; this set of processes is the successor to the COBIT 4.1, Val IT and Risk IT
processes, and includes all processes required for end‐to‐end treatment of all governance and
management of enterprise IT.
• Section 4 shows the diagram of this process reference model, which is developed based on best
practices, standards and the opinion of experts. It is important to understand that the model and
its contents are generic and not prescriptive, and it has to be adapted to suit the enterprise.
Also, the guidance defines practices and activities at a relatively high level and does not describe
HOW the process procedure is to be defined.
• Section 5—the main section in this publication—contains the detailed process information for all
COBIT 5 processes in the process reference model.
• A number of appendices are also presented, including a mapping between the COBIT 4.1, Val IT
2.0 and Risk IT processes (and their control objectives or management practices) and their COBIT
5 equivalent.
Different products and other guidance covering the diverse needs of various stakeholders will be
built from the main COBIT 5 knowledge base. This will happen over time, making the COBIT 5
product architecture a living document. The latest COBIT 5 product architecture can be found on the
COBIT pages of the ISACA web site (www.isaca.org/COBIT5).
2 | P a g e © A l l r i g h t s r e s e r v e d .
COBIT 5: Process Reference Guide Exposure Draft
2. The Goals Cascade and Metrics for Enterprise Goals and IT‐related
Goals
COBIT 5 Goals Cascade
In section 4 of COBIT 5: The Framework, the COBIT 5 goals cascade is explained. This cascade
translates stakeholder needs into governance objectives and enterprise goals, and then further
down to IT‐related goals, processes and process goals. This cascade is shown in figure 2.
Figure 2—COBIT 5 Goals Cascade Overview
Drivers
Drivers
Stakeholders
Stakeholder Needs
Governance Objective
Value Creation
Benefits Resource Risk
Realisation Optimisation Optimisation
Mapping
Enterprise Goals
Mapping
Information and
Related Technology
Goals
Mapping
Processes
Service Culture,
Capabilities Ethics,
Behaviour
Enabler
S
Ckoimllsp e&tencies Goals Organisational
Structures
Principles & Information
Policies
3 | P a g e © A l l r i g h t s r e s e r v e d .
COBIT 5: Process Reference Guide Exposure Draft
The cascade applies to every enterprise—commercial entities, non‐profit organisations, government
bodies, etc. This section explains further how stakeholder concerns can be addressed by the COBIT 5
goals cascade.
The COBIT 5 goals cascade is the mechanism that will translate stakeholder concerns into goals that
are more tangible and therefore can be managed more consistently. This cascade can be described
step by step as follows.
Step 1. Stakeholder Needs to Governance Objectives
Stakeholder needs, which are influenced by a number of drivers, can be related to one or more of
the governance objectives of benefits delivery, risk balancing and cost optimisation.
Step 2. Governance Objectives to Enterprise Goals
Overall governance objectives for the enterprise translate into and map onto a set of generic
1
enterprise goals; these enterprise goals have been developed using the Balanced Scorecard (BSC)
dimensions, and they represent a list of commonly used goals an enterprise has defined for itself.
Although this list is not exhaustive, most enterprise‐specific goals can be easily mapped onto one or
more of the generic enterprise goals. COBIT 5 defines 17 generic goals, shown in figure 3, which lists
the enterprise goals and how they relate to the governance objectives. In the mapping table, a ‘P’
stands for primary relationship, and an ‘S’ for secondary relationship, i.e., a less strong relationship.
Figure 3—Enterprise Goals Mapped to Governance Objectives
GOVERNANCE OBJECTIVES
BSC BENEFITS RISK RESOURCE
ENTERPRISE GOALS
DIMENSION REALISATION MANAGEMENT OPTIMISATION
1. STAKEHOLDER VALUE OF BUSINESS INVESTMENTS P
2. PORTFOLIO OF COMPETITIVE PRODUCTS AND SERVICES P S
FINANCIAL 3. MANAGED BUSINESS RISKS (SAFEGUARDING OF ASSETS) P S
4. COMPLIANCE WITH EXTERNAL LAWS AND REGULATIONS P
5. FINANCIAL TRANSPARENCY P S S
6. CUSTOMER‐ORIENTED SERVICE CULTURE P S
7. BUSINESS SERVICE CONTINUITY AND AVAILABILITY P
CUSTOMER 8. AGILE RESPONSES TO A CHANGING BUSINESS ENVIRONMENT P S
9. INFORMATION‐BASED STRATEGIC DECISION MAKING P P P
10. OPTIMISATION OF SERVICE DELIVERY COSTS P S
11. OPTIMISATION OF BUSINESS PROCESS FUNCTIONALITY P P
12. OPTIMISATION OF BUSINESS PROCESS COSTS P P
INTERNAL 13. MANAGED BUSINESS CHANGE PROGRAMMES P P S
14. OPERATIONAL AND STAFF PRODUCTIVITY P P
15. COMPLIANCE WITH INTERNAL POLICIES P
LEARNING 16. SKILLED AND MOTIVATED PEOPLE S S P
AND
17. PRODUCT AND BUSINESS INNOVATION CULTURE P
GROWTH
1
Kaplan, Robert S.; David P. Norton; The Balanced Scorecard: Translating Strategy into Action; Harvard University Press,
USA, 1996
4 | P a g e © A l l r i g h t s r e s e r v e d .
